Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

trojandownloader.win32.delf.ezu [RESOLVED]

normonster

Posted 16 March 2008 - 12:48 PM

normonster

Member

Topic Starter

Member

53 posts

I had to shut my stystem off and bring ti back up-hard reset. All of a suddent he screen began filling with frames of the net page we were on and just continued copying them on top of one another in cascading fashion. I couldnt' stop it. After a while it said it couldn't continue due to lack of RAM.
I'm going to try 4.2 now

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select "Perform Full Scan", then click Scan.

The scan may take some time to finish,so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.

kahdah

Posted 16 March 2008 - 01:41 PM

kahdah

GeekU Teacher

Retired Staff

15,822 posts

Please download ATF Cleaner by Atribune.This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.Under Main choose: Select AllClick the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.For Technical Support, double-click the e-mail address located at the bottom of each menu.==========================================================Please do an online scan with Kaspersky WebScanner(This scanner is for use with internet explorer only)Click on "Accept"

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:

Once the files have been downloaded click on NEXT

Now click on Scan Settings

In the scan settings make that the following are selected:

Scan using the following Anti-Virus database:

Extended (if available otherwise Standard)

Scan Options:

Scan Archives
Scan Mail Bases

Click OK

Now under select a target to scan:Select My Computer

This will program will start and scan your system.

The scan will take a while so be patient and let it run.

Once the scan is complete it will display if your system has been infected.

Then navigate to these folders and delete them C:\Documents and Settings\All Users\Application Data\SymantecandC:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

Then reset your files and folders to hidden:

Click Start.

Open My Computer.

Select the Tools menu and click Folder Options.

Select the View Tab.

Under the Hidden files and folders heading select Do not Show hidden files and folders.

Check the Hide protected operating system files (recommended) option.

Click Yes to confirm.

Click OK

====================Also delete SmitfraudFix folder and icon and the Host file Expert from off of your desktop.=============================================The hosts file has been replaced by a custom Hosts file by Spybot or by Stopzilla so it is fine.These programs add protection by blocking you from sites such as the ones listed.

kahdah

Posted 16 March 2008 - 07:08 PM

kahdah

GeekU Teacher

Retired Staff

15,822 posts

Please update your Java: Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Posted 16 March 2008 - 08:16 PM

Download the file & save it as it's originally named, next to ComboFix.exe.

Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.